Privacy Policy / 隐私政策

This Privacy Policy explains how WaygroundEscaper ("we", "us", "our") collects, uses, discloses, and protects information in connection with the WaygroundEscaper website, browser userscript, and related services (collectively, the "Service").
本隐私政策说明 WaygroundEscaper（"我们"）如何在提供 WaygroundEscaper 网站、浏览器用户脚本及相关服务（统称"本服务"）过程中收集、使用、披露与保护信息。

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Service.
访问或使用本服务即表示您已阅读、理解并同意本隐私政策所述做法。如您不同意，请停止使用本服务。

1. Scope / 适用范围

This policy applies to all information processed through the Service, including but not limited to licensing and authorization, security monitoring, customer support, payment verification, and website analytics.
本政策适用于通过本服务处理的所有信息，包括但不限于许可授权、安全监控、客户支持、支付核验及网站分析。

This policy does not apply to third-party websites, platforms, or services that may be linked from or interact with the Service. We encourage you to review the privacy policies of any third party before providing them with your information.
本政策不适用于可能从本服务链接或与本服务交互的第三方网站、平台或服务。我们建议您在向任何第三方提供信息前查阅其隐私政策。

2. Definitions / 定义

For the purposes of this Privacy Policy:
在本隐私政策中：

• "Personal Data" / "个人数据"： any information that identifies or can reasonably be used to identify a natural person, directly or indirectly (e.g., IP address, email address, hashed device identifier).
  直接或间接识别或可合理用于识别自然人的任何信息（如 IP 地址、电子邮件地址、经哈希处理的设备标识）。
• "Processing" / "处理"： any operation performed on Personal Data, including collection, storage, use, transmission, and deletion.
  对个人数据执行的任何操作，包括收集、存储、使用、传输和删除。
• "License Key" / "许可密钥"： the unique alphanumeric string issued to you upon purchase that grants access to the Service.
  购买后向您签发的唯一字母数字字符串，用于授予本服务的访问权限。
• "HWID" / "硬件标识"： a hashed hardware or device identifier used to bind a license to a specific device for anti-abuse purposes.
  经哈希处理的硬件或设备标识，用于将许可绑定到特定设备以防滥用。

3. Information We Collect / 我们收集的信息

We collect only information that is reasonably necessary to operate the Service, provide licensing, prevent abuse, and maintain security. We do not collect information beyond what is described below.
我们仅收集为运营本服务、提供许可授权、防滥用与保障安全所合理必要的信息。我们不会收集以下所述范围之外的信息。

• License & Access Data / 许可与访问数据： License key, activation status, authorization events (e.g., activation, deactivation, renewal), and associated timestamps.
  许可密钥、激活状态、授权事件记录（如激活、停用、续期），以及相关时间戳。
• Security & Anti-Abuse Metadata / 安全与防滥用元数据： IP address (which may be truncated or anonymized after a limited period), approximate network information, and device/browser identifiers (stored in hashed form where applicable) used solely to detect fraud, prevent unauthorized redistribution, or identify abnormal usage patterns.
  IP 地址（在有限期限后可能被截断或匿名化）、基础网络信息、设备/浏览器标识（在适用情况下以哈希形式存储），仅用于识别欺诈、防止未经授权的再分发或识别异常使用模式。
• Usage Logs / 使用日志： Request timestamps, frequency and volume of license authorization calls, and error/diagnostic logs for debugging and service reliability. These logs do not contain the content of your browsing activity or any data from the platform on which the script operates.
  请求时间戳、授权调用频率/次数，以及用于调试与服务稳定性的错误/诊断日志。这些日志不包含您的浏览活动内容或脚本运行平台上的任何数据。
• Support & Communications / 支持与沟通信息： If you contact us, we collect your email address, message content, and any identifiers you voluntarily provide (e.g., transaction reference, license key) solely to resolve your request.
  当您联系我们时，我们收集您的邮箱地址、消息内容，以及您自愿提供的标识信息（如交易参考号、许可密钥），仅用于处理您的请求。
• Payment Data (Handled by Third-Party Processors) / 支付信息（由第三方支付服务商处理）： Payments are processed by third-party payment processors (e.g., Stripe). We do not receive, store, or have access to your full card number, CVV, or other sensitive payment credentials. We may receive only a transaction identifier, payment status, and billing country for verification and compliance purposes.
  支付由第三方支付服务商（如 Stripe）处理。我们不会接收、存储或访问您的完整卡号、CVV 或其他敏感支付凭证。我们可能仅接收交易标识、支付状态和账单国家，用于核验和合规目的。

4. Information We Do Not Collect / 我们不收集的信息

To be clear, the Service does not collect or transmit:
需要明确的是，本服务不会收集或传输：

• The content of web pages you visit or interact with while using the script.
  您在使用脚本时访问或交互的网页内容。
• Keystrokes, form inputs, or answers you submit on any platform.
  您在任何平台上的按键记录、表单输入或提交的答案。
• Screen captures, screenshots, or visual recordings of your activity.
  您活动的屏幕截图、截屏或视觉记录。
• Personally identifiable information beyond what is listed in Section 3.
  超出第 3 条所列范围的个人身份信息。

5. How We Use Information / 我们如何使用信息

We use collected information strictly for the following purposes:
我们将所收集信息严格用于以下目的：

• Provide and Maintain the Service / 提供与维护服务： License issuance, authorization verification, access control, system monitoring, and service reliability.
  许可发放、授权验证、访问控制、系统监控与服务稳定性维护。
• Security & Abuse Prevention / 安全与防滥用： Detecting fraud, preventing unauthorized redistribution or key sharing, rate-limiting automated attacks, and enforcing license terms.
  识别欺诈、防止未经授权的再分发或密钥共享、限制自动化攻击，并执行许可条款。
• Customer Support / 客户支持： Responding to your requests, restoring access when appropriate, troubleshooting issues, and resolving disputes.
  回复您的支持请求、在适当情况下恢复访问、排查问题，以及处理争议。
• Service Improvement / 服务改进： Analyzing aggregated, non-identifying usage patterns to improve reliability, performance, and user experience.
  分析汇总的、不可识别身份的使用模式以改进可靠性、性能与用户体验。
• Legal Compliance / 法律合规： Meeting legal obligations and responding to lawful requests from authorities.
  履行法律义务并响应来自主管部门的合法要求。

6. Legal Basis for Processing / 数据处理的法律依据

Where applicable (including for users in the EEA/UK under the GDPR, or similar frameworks), we process Personal Data based on one or more of the following legal bases:
在适用情况下（包括 EEA/英国用户受 GDPR 或类似框架约束的情形），我们基于以下一种或多种法律依据处理个人数据：

• Performance of Contract / 合同履行： processing necessary to deliver the Service and licensing you have purchased.
  为提供您已购买的本服务及许可授权所必需的处理。
• Legitimate Interests / 合法利益： securing the Service, preventing abuse, maintaining system integrity, and protecting our users. We balance these interests against your rights and freedoms.
  保障服务安全、防滥用、维护系统完整性并保护我们的用户。我们会在这些利益与您的权利和自由之间取得平衡。
• Legal Obligation / 法律义务： compliance with applicable laws, regulations, and lawful requests.
  遵守适用法律、法规及合法要求。
• Consent (Where Required) / 同意（如需）： only where a specific feature or jurisdiction legally requires affirmative consent. You may withdraw consent at any time by contacting us, without affecting the lawfulness of prior processing.
  仅在特定功能或司法管辖区依法要求明确同意时使用。您可随时联系我们撤回同意，但不影响撤回前已进行的处理的合法性。

7. Sharing and Disclosure / 信息共享与披露

We do not sell, rent, or trade your Personal Data. We share information only in the limited circumstances described below:
我们不会出售、出租或交易您的个人数据。我们仅在以下有限情形共享信息：

• Service Providers / 服务提供商： We may share information with trusted vendors that assist in operating the Service (e.g., hosting providers, CDN/security services such as Cloudflare, payment processors such as Stripe). These vendors are contractually required to use your information only for the purposes we specify and to maintain appropriate security safeguards.
  我们可能与协助运营服务的可信供应商共享信息（如托管提供商、CDN/安全服务如 Cloudflare、支付处理商如 Stripe）。这些供应商在合同中被要求仅按我们指定的目的使用您的信息，并维持适当的安全保障措施。
• Legal & Safety / 法律与安全： We may disclose information if we believe in good faith that disclosure is necessary to comply with applicable law, respond to valid legal process (e.g., subpoena, court order), protect our rights or property, or prevent harm to users or the public.
  如果我们真诚地认为披露对于遵守适用法律、响应有效法律程序（如传票、法院令）、保护我们的权利或财产，或防止对用户或公众的伤害是必要的，我们可能披露信息。
• Business Transfers / 业务转让： In the event of a merger, acquisition, reorganization, or sale of assets, information may be transferred as part of that transaction. We will provide notice before your Personal Data becomes subject to a different privacy policy.
  在发生合并、收购、重组或资产出售的情况下，信息可能作为交易的一部分被转移。在您的个人数据适用不同的隐私政策之前，我们会发出通知。

8. Data Retention / 数据保留

We retain information only as long as reasonably necessary for the purposes described in this policy. Specific retention periods are as follows:
我们仅在本政策所述目的合理必要的期限内保留信息。具体保留期限如下：

• License records / 许可记录： retained for the duration of your active license plus up to 12 months after expiration or termination, to support renewal, reactivation, or dispute resolution.
  在您的有效许可期间保留，并在到期或终止后最多保留 12 个月，以支持续期、重新激活或争议解决。
• Security & anti-abuse logs / 安全与防滥用日志： retained for up to 90 days, unless a longer period is required for an active investigation or legal obligation.
  最多保留 90 天，除非因正在进行的调查或法律义务需要更长的保留期限。
• IP addresses / IP 地址： may be truncated or anonymized within 30 days of collection, unless retention is required for an ongoing security investigation.
  可能在收集后 30 天内被截断或匿名化，除非因持续的安全调查需要保留。
• Support correspondence / 支持往来邮件： retained for up to 24 months after your last communication, then deleted or anonymized.
  在您最后一次通信后最多保留 24 个月，之后删除或匿名化。
• Payment references / 支付参考记录： transaction identifiers and billing country may be retained for up to 36 months to comply with financial recordkeeping obligations.
  交易标识和账单国家可能保留最多 36 个月，以遵守财务记录保存义务。

When data is no longer needed, it is securely deleted or irreversibly anonymized.
当数据不再需要时，将被安全删除或不可逆地匿名化。

9. Data Security / 数据安全

We implement reasonable technical and organizational safeguards to protect information from unauthorized access, alteration, disclosure, or destruction. These measures include but are not limited to:
我们采取合理的技术与管理措施保护信息免受未经授权的访问、篡改、披露或破坏。这些措施包括但不限于：

• Encryption in transit / 传输加密： all communications between your device and our servers are protected using TLS (HTTPS).
  您的设备与我们服务器之间的所有通信均使用 TLS（HTTPS）加密保护。
• Data minimization / 数据最小化： we collect only the minimum data necessary and restrict internal access on a need-to-know basis.
  我们仅收集最低限度的必要数据，并按需知原则限制内部访问权限。
• Hashed identifiers / 哈希标识： device identifiers are stored in hashed (one-way) form to prevent reversal and reduce exposure risk.
  设备标识以哈希（单向）形式存储，以防止逆向还原并降低泄露风险。
• Access controls / 访问控制： administrative access to systems containing Personal Data is limited and protected by authentication measures.
  对包含个人数据的系统的管理访问受到限制，并受身份验证措施保护。

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
没有任何传输或存储方法是 100% 安全的。虽然我们努力保护您的信息，但无法保证绝对安全。

10. Data Breach Notification / 数据泄露通知

In the event of a security breach that results in unauthorized access to your Personal Data and poses a risk to your rights and freedoms, we will:
如果发生安全漏洞导致未经授权访问您的个人数据，并对您的权利和自由构成风险，我们将：

• Notify affected users without undue delay and, where required by law, within 72 hours of becoming aware of the breach.
  在不合理延迟的情况下通知受影响的用户，并在法律要求的情况下，在获知泄露后 72 小时内发出通知。
• Notify the relevant supervisory authority where required under GDPR or other applicable data protection laws.
  在 GDPR 或其他适用数据保护法律要求的情况下通知相关监管机构。
• Provide information about the nature of the breach, the data affected, and the steps we are taking to mitigate and prevent recurrence.
  提供关于泄露性质、受影响数据以及我们为减轻影响和防止再次发生所采取措施的信息。

11. Your Rights / 您的权利

Depending on your location and applicable law (e.g., GDPR for EU/EEA users, CCPA/CPRA for California residents), you may have the following rights regarding your Personal Data:
根据您所在地区及适用法律（如适用于欧盟/EEA 用户的 GDPR、适用于加州居民的 CCPA/CPRA），您可能享有以下关于个人数据的权利：

• Access / 访问： request a copy of the Personal Data we hold about you.
  请求获取我们持有的关于您的个人数据副本。
• Correction / 更正： request correction of inaccurate or incomplete Personal Data.
  请求更正不准确或不完整的个人数据。
• Deletion / 删除： request deletion of your Personal Data, subject to our retention obligations. Please note that deleting license-related records may result in loss of access to the Service.
  请求删除您的个人数据（受我们的保留义务约束）。请注意，删除与许可相关的记录可能导致您无法继续访问本服务。
• Objection / 反对： object to processing of your Personal Data based on legitimate interests.
  反对基于合法利益处理您的个人数据。
• Restriction / 限制： request restriction of processing in certain circumstances (e.g., while we verify the accuracy of disputed data).
  在特定情况下请求限制处理（如在我们核实争议数据准确性期间）。
• Portability / 可携带： request export of your Personal Data in a structured, commonly used, machine-readable format where technically feasible.
  在技术可行的情况下请求以结构化、通用的机器可读格式导出您的个人数据。
• Withdraw Consent / 撤回同意： where processing is based on consent, withdraw that consent at any time.
  在处理基于同意的情况下，随时撤回该同意。
• Non-Discrimination / 不歧视： we will not discriminate against you for exercising any of your privacy rights.
  我们不会因您行使任何隐私权利而歧视您。

To exercise any of these rights, contact us at help.waygroundescaper@gmail.com. We will respond to verifiable requests within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
如需行使上述任何权利，请通过 help.waygroundescaper@gmail.com 联系我们。我们将在 30 天内（或适用法律要求的期限内）回复可验证的请求。在处理您的请求前，我们可能需要验证您的身份。

12. California Privacy Rights (CCPA/CPRA) / 加州隐私权利

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
如果您是加州居民，根据《加州消费者隐私法》（CCPA）及《加州隐私权利法》（CPRA）修正案，您享有额外权利：

• Right to Know / 知情权： you may request details about the categories and specific pieces of Personal Data we have collected about you in the preceding 12 months.
  您可以请求了解过去 12 个月内我们收集的关于您的个人数据类别和具体内容的详细信息。
• Right to Delete / 删除权： you may request that we delete your Personal Data, subject to certain exceptions.
  您可以请求我们删除您的个人数据（受特定例外情况约束）。
• No Sale or Sharing / 不出售或共享： we do not sell your Personal Data and do not share it for cross-context behavioral advertising.
  我们不出售您的个人数据，也不会为跨上下文行为广告目的而共享您的个人数据。

13. International Data Transfers / 跨境数据传输

Our infrastructure and service providers may process data in jurisdictions outside your country or region, including countries that may not offer the same level of data protection as your home jurisdiction. Where required by applicable law, we apply appropriate safeguards to support lawful transfers, such as:
我们的基础设施与服务提供商可能在您所在国家/地区以外的司法管辖区处理数据，包括可能未提供与您所在地相同数据保护水平的国家。在适用法律要求的情况下，我们将采取适当保障措施支持合法传输，例如：

• Standard contractual clauses approved by the European Commission.
  经欧盟委员会批准的标准合同条款。
• Ensuring service providers maintain equivalent or higher security standards.
  确保服务提供商维持同等或更高的安全标准。

14. Cookies & Similar Technologies / Cookie 与类似技术

We may use minimal cookies or similar technologies to support site functionality and security. Our use of cookies is limited as follows:
我们可能使用少量 Cookie 或类似技术以支持网站功能与安全。我们对 Cookie 的使用限于以下范围：

• Strictly Necessary Cookies / 严格必要的 Cookie： required for basic site functionality and security (e.g., session management, CSRF protection). These cannot be disabled without affecting the Service.
  网站基本功能与安全所必需的（如会话管理、CSRF 保护）。禁用这些 Cookie 可能影响服务功能。

We do not use advertising, tracking, or profiling cookies. We do not build user profiles for marketing purposes.
我们不使用广告、跟踪或用户画像 Cookie。我们不会为营销目的建立用户画像。

15. Third-Party Services & Links / 第三方服务与链接

The Service relies on third-party infrastructure and payment processors, including but not limited to Cloudflare (for CDN and security) and Stripe (for payment processing). These third parties operate under their own privacy policies, and we encourage you to review them:
本服务依赖第三方基础设施与支付处理商，包括但不限于 Cloudflare（CDN 与安全服务）和 Stripe（支付处理）。这些第三方按照各自的隐私政策运营，建议您查阅：

• Cloudflare Privacy Policy: https://www.cloudflare.com/privacypolicy/
• Stripe Privacy Policy: https://stripe.com/privacy

The Service may also interact with third-party platforms in the course of normal operation. We are not responsible for the privacy practices of those platforms.
本服务在正常运行过程中也可能与第三方平台交互。我们不对这些平台的隐私实践承担责任。

16. Children's Privacy / 未成年人隐私

The Service is not directed to, and not intended for use by, children under the age of 13 (or the minimum age required by applicable local law, whichever is higher). We do not knowingly collect Personal Data from children. If you believe that a child has provided us with Personal Data, please contact us at help.waygroundescaper@gmail.com and we will promptly delete such data.
本服务不面向也不打算供 13 岁以下（或适用当地法律要求的最低年龄，以较高者为准）的儿童使用。我们不会在知情情况下收集儿童的个人数据。如您认为儿童向我们提供了个人数据，请通过 help.waygroundescaper@gmail.com 联系我们，我们会立即删除此类数据。

17. Do Not Track & Automated Decisions / DNT 与自动化决策

The Service does not currently respond to "Do Not Track" (DNT) browser signals, as there is no universally accepted standard for how to interpret these signals. We will update this policy if a uniform standard is adopted.
由于目前尚无统一标准规定如何解释"请勿追踪（DNT）"浏览器信号，本服务目前不响应 DNT 信号。如采纳统一标准，我们将更新本政策。

We may use automated systems to detect license abuse or fraud. Such automated processing does not produce legal or similarly significant effects on users without the opportunity for human review. If you believe an automated decision has adversely affected you, contact us to request a review.
我们可能使用自动化系统检测许可滥用或欺诈。此类自动化处理不会在未经人工审核机会的情况下对用户产生法律或类似重大影响。如您认为自动化决策对您产生了不利影响，请联系我们请求审核。

18. Country or Region Determination / 国家或地区的确定

Prior to any payment, we may infer your country or region based on the approximate IP address and network information provided by your device when accessing the Service. This information is used solely for compliance with applicable laws, determining the applicability of certain legal obligations, and enforcing access or usage restrictions where required. It is not used for precise geolocation tracking.
在付款之前，我们可能根据您在访问本服务时由设备提供的近似 IP 地址及网络信息推断您的国家或地区。该等信息仅用于遵守适用法律、判断特定法律义务是否适用，以及在需要时执行访问或使用限制，并不会用于精确地理位置追踪。

After payment, we may rely on the country or region information associated with your payment method (such as billing address, country selection, or card BIN) to support ongoing legal and policy compliance.
在付款之后，我们可能依据与您支付方式相关的国家或地区信息（例如账单地址、国家选择或卡 BIN）来支持持续的法律及政策合规。

In cases of conflicting or inconsistent location indicators, we reserve the right to apply the more restrictive compliance standard, where permitted by law.
如出现地区信息不一致的情况，在法律允许的范围内，我们有权适用更严格的合规标准。

19. Changes to This Policy / 政策更新

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will revise the "Last Updated" date at the top of this page and, where practicable, provide additional notice (such as via email or a prominent notice on the Service).
我们可能不时更新本隐私政策，以反映我们的实践、技术、法律要求或其他因素的变化。当我们做出重大变更时，将更新页面顶部的"最近更新"日期，并在可行情况下提供额外通知（如通过电子邮件或在服务中显著公告）。

Your continued use of the Service after the updated policy takes effect constitutes your acceptance of the changes. If you do not agree with the updated policy, please discontinue use of the Service.
更新后的政策生效后，您继续使用本服务即视为接受变更。如您不同意更新后的政策，请停止使用本服务。

20. Contact Us / 联系我们

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
如您对本隐私政策或我们的数据处理实践有任何疑问、顾虑或请求，请联系：

Email / 邮箱： help.waygroundescaper@gmail.com

We aim to respond to all inquiries within 30 days. For requests relating to your data rights, we may require identity verification before processing.
我们致力于在 30 天内回复所有咨询。对于涉及您数据权利的请求，我们可能在处理前需要进行身份验证。